Back to EveryPatent.com
United States Patent | 6,125,447 |
Gong | September 26, 2000 |
A method and apparatus are provided for maintaining and enforcing security rules using protection domains. As new code arrives at a computer, a determination is assigned to a protection domain based on the source from which the code is received. The protection domain establishes the permissions that apply to the code. In embodiments where the code to be executed by the computer belongs to object classes, an association is established between the protection domains and the classes of objects. When an object requests an action, a determination is made as to whether the action is permitted based on the class to which the object belongs and the association between classes and protection domains.
Inventors: | Gong; Li (Menlo Park, CA) |
Assignee: | Sun Microsystems, Inc. (Mountain View, CA) |
Appl. No.: | 988439 |
Filed: | December 11, 1997 |
Current U.S. Class: | 713/201; 713/154 |
Intern'l Class: | H04L 009/00 |
Field of Search: | 713/200,201-202,151,152,153,154-168,169 709/229,303 395/704 714/38,48 707/103,9,10 380/4 |
5311591 | May., 1994 | Fischer | 380/4. |
5720033 | Feb., 1998 | Deo | 713/200. |
5758153 | May., 1998 | Atsatt et al. | 395/614. |
5841870 | Nov., 1998 | Fieres et al. | 380/25. |
5845129 | Dec., 1998 | Wendorf et al. | 395/726. |
5892904 | Apr., 1999 | Atkinson et al. | 713/201. |
Foreign Patent Documents | |||
2259590A | Mar., 1993 | WO | . |
2308688A | Jul., 1997 | WO | . |
Gong Li, et al.: "Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java.TM. Development Kit 1.2", Proceedings of the Usenix Symposium on Internet Technologies and Systems, Monterey, CA, USA, 8-11 Dec. 1997, ISBN 1-880446-91-S, 1997, Berkeley, CA, USA, Usenix Assoc., USA, pp. 103-112, XP002100907. Wallach, D. S., et al.: "Extensible Security Architectures for Java", 16th ACM Symposium on Operating Systems Principles, Sain Malo, France, 5-8 Oct. 1997, ISSN 0163-5980, Operating Systems Review, Dec. 1997, ACM, USA, pp. 116-128, XP-002101681. Dean, D., et al., "Java Security: From HotJava to Netscape and Beyond," Proceedings of the 1996 IEEE Symposium on Security and Privacy, Oakland, CA, May 6-8, 1996. Hamilton, M.A., "Java and the Shift to Net-Centric Computing," Computer, vol. 29, No. 8, Aug., 1996. |